CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Russia Imposes Network-Level Blockade on Apple’s End-to-End Encrypted FaceTime
Russia has recently imposed a network-level blockade on Apple’s video-calling service FaceTime, which is developed and operated entirely by Apple and provides users with end-to-end encrypted audio and ...
-
Daily CyberSecurity
Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass
The Apache Software Foundation has rolled out a crucial update for the ubiquitous Apache HTTP Server, addressing five distinct security vulnerabilities. The release of version 2.4.66 serves as a cumul ...
-
Daily CyberSecurity
The PDF Trap: Critical Vulnerability (CVE-2025-66516, CVSS 10.0) Hits Apache Tika Core
The Apache Tika toolkit, the industry standard for detecting and extracting metadata from over a thousand file types, has issued a maximum-severity alert. A critical XML External Entity (XXE) vulnerab ...
-
Daily CyberSecurity
“React2Shell” Storm: China-Nexus Groups Weaponize Critical React Flaw Hours After Disclosure
Only hours after the public disclosure of a critical vulnerability in the React ecosystem, state-sponsored cyber espionage groups have already launched active exploitation campaigns. Amazon threat int ...
-
TheCyberThrone
React2Shell CVE-2025-55182- Shaking React and Next.js Ecosystems
React Server Components promised a revolution in web development—seamless server-side rendering with client interactivity. But a critical flaw dubbed React2Shell has turned that promise into a widespr ...
-
Daily CyberSecurity
High-Severity Splunk Flaw Allows Local Privilege Escalation via Incorrect File Permissions on Windows
Splunk administrators managing Windows environments are being urged to patch immediately following the discovery of two high-severity vulnerabilities affecting both the Enterprise platform and Univers ...
-
Daily CyberSecurity
High-Severity Cacti Flaw (CVE-2025-66399) Risks Remote Code Execution via SNMP Community String Injection
Image: Cacti A high-severity security flaw has been uncovered in Cacti, the popular open-source network graphing solution. The vulnerability, tracked as CVE-2025-66399, exposes Cacti installations to ...
-
Daily CyberSecurity
NVIDIA Triton Server Patches Two High-Severity DoS Flaws, Risking Critical AI Inference Disruption
NVIDIA has issued a security bulletin regarding its Triton Inference Server, a cornerstone tool used by MLOps teams globally to deploy AI models at scale. The company has identified two high-severity ...
-
The Cloudflare Blog
Cloudflare outage on December 5, 2025
2025-12-055 min readOn December 5, 2025, at 08:47 UTC (all times in this blog are UTC), a portion of Cloudflare’s network began experiencing significant failures. The incident was resolved at 09:12 (~ ...
-
BleepingComputer
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells
Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. Array Networks fixed the vulnerability in a May security ...